[ad_1]
A group of hackers who stole more than two million records from the Legal Aid Agency have threatened to publish the information unless one of their members is “freed”.
Members of the ShinyHunters cybercrime group made the threat on a new Telegram channel, marking the first public claim for the attack on the agency, which happened in April.
The group said in the Telegram post that if the Ministry of Justice (MoJ) did not “free” an individual, whom The Times is choosing not to name, by 6am on Monday “we will leak all the GitHub repositories and the Legal Aid Agency Ministry of Justice database”. The threat did not appear to have been carried out as the deadline passed.
The hack has caused chaos in legal circles and the data stolen is highly personal, including criminal history and financial information, such as debt and payment records. Large parts of the legal aid system remain offline, leading some barristers to say they are not being paid.
The group demanded about £1.5 million in bitcoin as a ransom from the MoJ, but the public sector does not pay cybercriminals and will soon be prevented from doing so by law.
The hackers on Telegram appeared to try to confirm who they were by publishing an injunction taken out on them by the MoJ to prevent publication of the stolen data.
ShinyHunters has been linked to a wave of recent hacks on Qantas, Allianz Life, LVMH, Adidas and Google. In particular, it has been targeting client relationship data that companies hold and manage via Salesforce software.
Hackers pretend to be a member of IT support for the company and convince a member of staff to install a piece of software that looks like an official Salesforce app. However, it is a piece of malicious software that extracts data.
In June, Google Threat Intelligence appeared to anticipate the new channel, saying: “We believe threat actors using the ‘ShinyHunters’ brand may be preparing to escalate their extortion tactics by launching a data leak site. These new tactics are likely intended to increase pressure on victims.”
The ShinyHunters’ tactics resemble the methods used by Scattered Spider, a group that has been accused of carrying out retail hacks on Marks & Spencer, Co-Op and Harrods. Four people have been arrested in connection with retail hacks.
The cyberattack on Marks & Spencer led to shortages of food items in some stores
GUY BELL/ALAMY
The two groups have been linked by security experts because they appear to have some common members and are part of a loose collective of cybercriminals known as The Com.
ShinyHunters has also been linked to the recent hack on Ticketmaster and other large companies that were using Snowflake, the data storage firm.
The MoJ was approached for comment.
[ad_2]
Source link
Click Here For The Original Source.
